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Amanriments to the Claims ; 

This listing of claims will replace all prior versions, and listings, of claims in the application. 
Listing of Claims ; 

1 (original). A method of accessing a storage area network (SAN), comprising: 
retrieving a first value from a first copy of a password table; 

using the first value to retrieve a second value from the first copy of the password table; 
encrypting the first value according to a first copy of an encryption key; 
sending the encrypted first value to anode of the SAN; 

decrypting the encrypted first value according to a second copy of the encryption key; 

using the decrypted first value to retrieve a third value firom a second copy of the 
password table; 

encrypting the third value according to the second copy of the encryption key and sending 
the encrypted third value back to a switch of the SAN; 

decrypting the third value according to the first copy of the encryption key and comparing 
the decrypted third value with the second value; and 

allowing access to the SAN if the third value and the second value match. 
2 (original). A method of claim 1. further comprising: 

responsive to an event selected Srom a power on event and a software reset event, reading 
a serial identification corresponding to a host; 

generating a code value based upon the serial number; 

comparing the generated code value with a previously determined code value; and 

denying access to the SAN if the generated code value and the previously determined 
code value dififer. 
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3 (original). The method of claim 2, wherein the code value i$ further based on a time stamp and 
date stamp. 

4 (original). The method of claim 1. wherein the SAN is a Hbre Channel compliant SAN. 

5 (original). The method of claim 1. &rther comprising, periodicaUy executing a key B^n^TOion 
application that generates a unique password table and encryption key for each node attached to 
the SAN. 

6 (currently amended). The method of claim {5} 1, wherein [t h y B>i uri.n ti n n np py n ti n ^ 
i uiiuii g j p Vii il nEm nrrrnf il rpfri^^vin^ the fir«* v«i~*^ comprises randomtv accessme an entry 
f!''^! ^iriL p^nf V^^^^ t«h.. »nd retrievtnp the first value from the randamly 

accessed entry . 

7 (currently amended). The method of claim {S{ 6, wherein [U i e paooword tobloc nn rt 

i m tH'til l o n I cc v j f o r n nnh mtrt Hirt, i„.fart tn n.»flh node manim l lyl iismp the first vft^e 

!!!T3S;; , ;;;n.;d val«e Z.r.ri^^ hashing fi--t v^m.. to drtPrmln^ a second entry m 
ThT ^^^^wnrA table gmd retrieviiiE t he second value from the second entry. 

8 (cunently amended). The method of claim m h therein the password tables and encryption 
keys for each node arc distributed over an encrypted link. 

9 (currently amended). A data processing network, comprising: 

a switch port including controller, receiver, transmitter, non volatile store, and memory, 
wherein the switch non-volatile storage includes a first copy of a password table and a 
first copy of an encryption key; 

a node including processor, non-volatile stortge. memory, and a host bus adapter, 
wherein the node non-volatile storage includes a second copy of the password table and a 
second copy of the encryption key; and 

wherein the node memory contains at least of a portion of a node software interface and 
the switch memory comains at least a portion of a switch software interface, wherem the 
software interfaces contain instructions for retrieving a password from the first copy ot 
the password table in response to a login request, using the password to (dctcrmmol 
retrieve a first response from the Hrst conv of the password table, sendmg Ihe 
password to the node, using the password to tdctDrrolDcl retngve a second response 
ftom the second copy of the password table, sending the second response back to the 
node, comparing the first and second responses; and denying the login request if the first 
{ind second response differ. 
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10 (original). The network of claim 9, further comprising a key server application comprised of a 
set of instructions for generating the encryption key and the key password table for the node and 
switch. 

11 (original). The network of claim 10, wherein the key server apphcation generates an 
enciyption key and password table for each node-switch pair of the network. 

12 (original). The network of claim 10, wherein the encryption key and password table are 
stored on a portable storage device and manually distributed to the node. 

13 (original). The network of claim 10, wherein the encryption key and password table are 
distributed to the node via an external network. 

14 (original). The network of claim 10. wherein the key server appUcation is executed 
periodically to generate new keys and passwords tables: 

15 (currently amended). The networic of claim 9, wherein the first and second copies of the 
password table are encrypted according to the encryption key and wherein the software mterfaces 
include instructions for encrypting and decrypting the responses and the passwords accordmg to 
the encryption key. 

16 (currently amended). The networic of claim 9. wherein tiie node software interface fiitther 
contains instructions for reading a serial identification corresponding to a host, generating a code 
value based upon the serial number, comparing the generated code value witla a previously 
detennined code {vetaiH^ value, and denying access to the SAN if tiie generated code value and 
the previously determined code value differ. 

17 (original). The network of claim 16. wherein the instmctions for generating a code value are 
executed in response to an event selected from a power on event and a software reset. 

1 8 (original). The network of claim 9, wherein the switch comprises a Fibre Channel compliant 
switch. 

19 (original). A computer program product comprising a computer readable storage medium 
containing instmctions for authorizing access to a storage area network, the inshotctions 
comprising: 

a retriever enabled to retrieve a first value from a first copy of a password table; 

means for using the retriever and the first value to retrieve a second value fh>m the first 
copy of the password table; 

an encryptor for encrypting the first value according to a first copy of an encryption key; 
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means for sending the encryp^d first value to a node of the SAN; 

a decryptor for decrypting the encrypted first value according to a second copy of the 
encryption key; 

means for using the decrypted first value to retrieve a third value from a second copy of 
the password table; 

means for encrypting the tliird value according to the second copy of the encryption key 
and sending the encrypted third value back to a switch of the SAN; 

means for decrypting the third value according to the first copy of tlie encryption key and 
comparing the decrypted third value with the second value; and 

means for allowing access to the SAN if the third value and the second value match* 

20 (original). The computer program product of claim 19, further comprising: 

a reader enabled to determine a serial identification corresponding to a host in response to 
an detecting an event selected from a power on event and a software reset event; 

a code value generator enabled to generate a code value based upon the serial number; 

a comparator enable to compare the generated code value with a previously determined 
code value; and 

means for denying access to the SAN if the generated code value and the previously 
determined code value differ, 

21 (original). The computer program product of claim 20, wherein the code value is farther 
based on a time stamp and date stamp. 

22 (original). The computer program product of claim 19, further comprising, a key generation 
application that generate a unique password table and encryption key for each node attached to 
the SAN. 
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